nmav pushed to caml-crush (master). "include C_SetAttributeValue to the forbidden list"
notifications at fedoraproject.org
notifications at fedoraproject.org
Thu Apr 2 11:02:04 UTC 2015
>From a3574708cf0066af9b59529c89f04ff129cacb62 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav at redhat.com>
Date: Thu, 2 Apr 2015 13:01:19 +0200
Subject: include C_SetAttributeValue to the forbidden list
diff --git a/filter-softhsm-locked.conf b/filter-softhsm-locked.conf
index cb01309..e7fbc9c 100644
--- a/filter-softhsm-locked.conf
+++ b/filter-softhsm-locked.conf
@@ -63,7 +63,7 @@ allowed_ids = [("softhsm", [".*"])]
*)
(* In a softhsm key wrapping makes no sense and it can be used to recover keys
so it is disabled *)
-forbidden_functions = [("soft.*", [C_WrapKey, C_UnwrapKey, C_GenerateKey, C_GenerateKeyPair, C_CreateObject, C_CopyObject, C_DestroyObject])]
+forbidden_functions = [("soft.*", [C_WrapKey, C_SetAttributeValue, C_UnwrapKey, C_GenerateKey, C_GenerateKeyPair, C_CreateObject, C_CopyObject, C_DestroyObject])]
(* enforce_ro_sessions = [(a1, b1), (a2, b2) ...] is a list of couples where
'a' is a regular expression string representing module names, and 'b1',
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/caml-crush.git/commit/?h=master&id=a3574708cf0066af9b59529c89f04ff129cacb62
More information about the scm-commits
mailing list